# # # patch "botan_pipe_cache.hh" # from [90361c58d131861f55560dcad3793ee756a50c7b] # to [78590b824191d5ee727d21ba8879e23b4054cafc] # # patch "key_store.cc" # from [8da2c21fdfb618f80c4e2296f587256da80e572a] # to [6b8e00545cb55deaf6a247b1fccd7ca92bf0dfdf] # # patch "netsync.cc" # from [126ff0ef642b515981807cd45f0799f9e121333d] # to [9352f59c67d47e16991713015356bc0bc971b863] # # patch "transforms.cc" # from [2fbdb28d3200ee925cbd3eaef16563e2e98ac10f] # to [5ddd45879695306827570bd595789564990540fd] # # patch "vocab_macros.hh" # from [8c97fbf646367acb3d62c4101b28b0d69538fa3d] # to [d86c8aad1e3c5925d39e07ac131403001e7b1173] # ============================================================ --- botan_pipe_cache.hh 90361c58d131861f55560dcad3793ee756a50c7b +++ botan_pipe_cache.hh 78590b824191d5ee727d21ba8879e23b4054cafc @@ -45,6 +45,10 @@ public: Botan::Pipe * operator->() { I(pipe); return pipe.get(); } + // To avoid re-using a pipe that's thrown. + void reset(Botan::Pipe * p) + { pipe.reset(p); } + // ??? operator bool, operator! a la boost::scoped_ptr // (what's with the bizarro unspecified_bool_type thing?) }; ============================================================ --- key_store.cc 8da2c21fdfb618f80c4e2296f587256da80e572a +++ key_store.cc 6b8e00545cb55deaf6a247b1fccd7ca92bf0dfdf 
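Review bot: The new `reset(Botan::Pipe * p)` in botan_pipe_cache.hh takes a raw pointer without stating that the cache assumes ownership of it or that it must be non-null. A null argument would only be noticed later, when `operator->` hits `I(pipe)`. I would extend the comment to something like `// Takes ownership of p (must be non-null); replaces a pipe left in an undefined state by a Botan exception.` and add `I(p);` as the first statement so the failure is reported at the call site. The declaration of `pipe` is outside the hunk, so the ownership semantics are inferred from `pipe.reset(p)` and `pipe.get()`.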
@@ -661,18 +661,26 @@ key_store::decrypt_rsa(rsa_keypair_id co rsa_oaep_sha_data const & ciphertext, string & plaintext) { - keypair kp; - load_key_pair(*this, id, kp); - shared_ptr priv_key = s->decrypt_private_key(id); + try + { + keypair kp; + load_key_pair(*this, id, kp); + shared_ptr priv_key = s->decrypt_private_key(id); - shared_ptr - decryptor(get_pk_decryptor(*priv_key, "EME1(SHA-1)")); + shared_ptr + decryptor(get_pk_decryptor(*priv_key, "EME1(SHA-1)")); - SecureVector plain = decryptor->decrypt( - reinterpret_cast(ciphertext().data()), - ciphertext().size()); - plaintext = string(reinterpret_cast(plain.begin()), - plain.size()); + SecureVector plain = + decryptor->decrypt(reinterpret_cast(ciphertext().data()), + ciphertext().size()); + plaintext = string(reinterpret_cast(plain.begin()), + plain.size()); + } + catch (Botan::Exception & ex) + { + E(false, ciphertext.made_from, + F("Botan error decrypting data: '%s'") % ex.what()); + } } void ============================================================ --- netsync.cc 126ff0ef642b515981807cd45f0799f9e121333d +++ netsync.cc 9352f59c67d47e16991713015356bc0bc971b863 @@ -2316,8 +2316,13 @@ session::process_data_cmd(netcmd_item_ty case revision_item: { L(FL("received revision '%s'") % hitem()); + data d(dat, origin::network); + id tmp; + calculate_ident(d, tmp); + if (!(tmp == item)) + throw bad_decode(F("hash check failed for revision %s") % item); revision_t rev; - read_revision(data(dat, origin::network), rev); + read_revision(d, rev); if (project.db.put_revision(revision_id(item), rev)) written_revisions.push_back(revision_id(item)); } @@ -2326,8 +2331,13 @@ session::process_data_cmd(netcmd_item_ty case file_item: { L(FL("received file '%s'") % hitem()); + data d(dat, origin::network); + id tmp; + calculate_ident(d, tmp); + if (!(tmp == item)) + throw bad_decode(F("hash check failed for file %s") % item); project.db.put_file(file_id(item), - file_data(dat, origin::network)); + file_data(d)); } break; } 
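Review bot: The try block added to key_store::decrypt_rsa wraps `load_key_pair` and `s->decrypt_private_key(id)` as well as the OAEP decryption. If either of those can raise a Botan::Exception (for example while unlocking the private key), it would be reported as "Botan error decrypting data" and attributed to `ciphertext.made_from` even though the ciphertext was never touched. Narrowing the try to the `get_pk_decryptor(...)` and `decryptor->decrypt(...)` statements keeps the origin attribution accurate. Separately, `ex.what()` can distinguish RSA-OAEP failure reasons. The netsync handlers added in this commit only pass it to `W()`, but it is worth confirming the text is never sent back to the remote peer, which should see one uniform failure.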
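Review bot: The new hash-check errors in session::process_data_cmd format `item` directly, while the log line just above uses the hex form `hitem()`. If `item` holds the raw binary id, as the separate hex value suggests, the bad_decode text will carry unprintable peer-supplied bytes into the warning log. I would write `throw bad_decode(F("hash check failed for revision %s") % hitem());` and make the same change in the `file_item` hunk that follows. The switch continues outside both hunks, so it is also worth checking whether the other item types are verified against their claimed ids before being stored.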
@@ -2666,6 +2676,13 @@ bool session::process(transaction_guard % peer_id % bd.what); return false; } + catch (recoverable_failure & rf) + { + W(F("recoverable '%s' error while processing peer %s: '%s'") + % origin::type_to_string(rf.caused_by()) + % peer_id % rf.what()); + return false; + } catch (netsync_error & err) { W(F("error: %s") % err.msg); @@ -2867,6 +2884,13 @@ class reactor % item->name() % bd.what); remove(item); } + catch (recoverable_failure & rf) + { + W(F("recoverable '%s' error while processing peer %s: '%s'") + % origin::type_to_string(rf.caused_by()) + % item->name() % rf.what()); + remove(item); + } } else { ============================================================ --- transforms.cc 2fbdb28d3200ee925cbd3eaef16563e2e98ac10f +++ transforms.cc 5ddd45879695306827570bd595789564990540fd @@ -99,9 +99,9 @@ error_in_transform(Botan::Exception & e, template<> string xform(string const & in, origin::type made_from) \ { \ string out; \ + static cached_botan_pipe pipe(new Pipe(new T(carg))); \ try \ { \ - static cached_botan_pipe pipe(new Pipe(new T(carg))); \ /* this might actually be a problem here */ \ I(pipe->message_count() < Pipe::LAST_MESSAGE); \ pipe->process_msg(in); \ @@ -109,6 +109,7 @@ error_in_transform(Botan::Exception & e, } \ catch (Botan::Exception & e) \ { \ + pipe.reset(new Pipe(new T(carg))); \ error_in_transform(e, made_from); \ } \ return out; \ @@ -210,16 +211,18 @@ void pack(T const & in, base64< gzip string tmp; tmp.reserve(in().size()); // FIXME: do some benchmarking and make this a constant:: + static cached_botan_pipe pipe(new Pipe(new Gzip_Compression, + new Base64_Encoder)); try { - static cached_botan_pipe pipe(new Pipe(new Gzip_Compression, - new Base64_Encoder)); pipe->process_msg(in()); tmp = pipe->read_all_as_string(Pipe::LAST_MESSAGE); out = base64< gzip >(tmp, in.made_from); } catch (Botan::Exception & e) { + pipe.reset(new Pipe(new Gzip_Compression, + new Base64_Encoder)); error_in_transform(e, in.made_from); } } 
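Review bot: The new `catch (recoverable_failure & rf)` in session::process handles failures of every origin, not only those caused by peer data. A recoverable failure raised by a local problem would therefore be downgraded to a warning and a dropped connection. The handler already reads `rf.caused_by()`, so it could rethrow anything that is not network-originated with `if (rf.caused_by() != origin::network) throw;` before the `W(...)` call; if swallowing local failures is intended to keep a server running, a comment saying so would help. The same applies to the matching handler added in the reactor hunk at -2867. Both handlers also print `rf.what()`, which may embed peer-controlled text, so the log output should be treated as untrusted.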
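Review bot: Moving the `static cached_botan_pipe pipe(...)` declaration above the `try` in the xform macro changes error handling. A Botan::Exception thrown while constructing the initial pipe was previously caught and routed through `error_in_transform`, and now propagates untranslated. The move is needed so the handler can see `pipe`, so I would document the trade-off with a comment such as `/* constructed outside the try so the handler can reset it; a throw from this constructor is not passed to error_in_transform */`. The same applies to the static pipes hoisted in pack, unpack and calculate_ident in the later transforms.cc hunks.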
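Review bot: The `pipe.reset(new Pipe(new T(carg)));` added to the xform handler runs only for Botan::Exception. Any other exception escaping `pipe->process_msg(in)` (std::bad_alloc, for instance) leaves the static pipe mid-message, and the next call reuses it. calculate_ident now backs the netsync hash check, so a pipe left in that state there could plausibly give wrong ids rather than just an error. Adding `catch (...) { pipe.reset(new Pipe(new T(carg))); throw; }` after the Botan handler would cover this, and likewise in pack, unpack and calculate_ident. Note also that if the replacement constructor throws inside the handler, `error_in_transform` is never reached.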
@@ -227,15 +230,17 @@ void unpack(base64< gzip > const & in template void unpack(base64< gzip > const & in, T & out) { + static cached_botan_pipe pipe(new Pipe(new Base64_Decoder, + new Gzip_Decompression)); try { - static cached_botan_pipe pipe(new Pipe(new Base64_Decoder, - new Gzip_Decompression)); pipe->process_msg(in()); out = T(pipe->read_all_as_string(Pipe::LAST_MESSAGE), in.made_from); } catch (Botan::Exception & e) { + pipe.reset(new Pipe(new Base64_Decoder, + new Gzip_Decompression)); error_in_transform(e, in.made_from); } } @@ -253,14 +258,15 @@ calculate_ident(data const & dat, calculate_ident(data const & dat, id & ident) { + static cached_botan_pipe p(new Pipe(new Hash_Filter("SHA-160"))); try { - static cached_botan_pipe p(new Pipe(new Hash_Filter("SHA-160"))); p->process_msg(dat()); ident = id(p->read_all_as_string(Pipe::LAST_MESSAGE), dat.made_from); } catch (Botan::Exception & e) { + p.reset(new Pipe(new Hash_Filter("SHA-160"))); error_in_transform(e, dat.made_from); } } ============================================================ --- vocab_macros.hh 8c97fbf646367acb3d62c4101b28b0d69538fa3d +++ vocab_macros.hh d86c8aad1e3c5925d39e07ac131403001e7b1173 @@ -147,7 +147,11 @@ ty const & ty::operator=(ty const & othe origin_aware(other), s(other.s) {} \ \ ty const & ty::operator=(ty const & other) \ -{ s = other.s; return *this; } \ +{ \ + s = other.s; \ + made_from = other.made_from; \ + return *this; \ +} \ \ std::ostream & operator<<(std::ostream & o, \ ty const & a) \ @@ -198,7 +202,11 @@ ty const & ty::operator=(ty const & othe origin_aware(other), s(other.s) {} \ \ ty const & ty::operator=(ty const & other) \ -{ s = other.s; return *this; } \ +{ \ + s = other.s; \ + made_from = other.made_from; \ + return *this; \ +} \ \ std::ostream & operator<<(std::ostream & o, \ ty const & a) \ 
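Review bot: The fixed `operator=` in vocab_macros.hh copies `made_from` by hand, whereas the copy constructor shown in the context line delegates to the base with `origin_aware(other)`. Any field later added to origin_aware would be copied by the constructor but silently skipped by assignment, which matters because `made_from` drives how errors are attributed. Assuming origin_aware is assignable, I would write `origin_aware::operator=(other); s = other.s; return *this;` so the two paths cannot drift apart. The same change applies to the hunks at -198 and -236.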
@@ -236,7 +244,11 @@ enc::operator=(enc const & template \ enc const & \ enc::operator=(enc const & other) \ - { s = other.s; return *this; } \ +{ \ + s = other.s; \ + made_from = other.made_from; \ + return *this; \ +} \ \ template \ std::ostream & operator<<(std::ostream & o, \